MyCity » Ambulanta -> Arhiva Ambulante » Zarazen Firefox

Zarazen Firefox

Napisano na dan: 24.3.2018

Zarazen Firefox

Odgovori

goust Poslao: 24 Mar 2018 22:02 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pojavljuju mi se oni odvratni preusmerivači, popup-ovi i ostalo. Pokusao sam sam daih sklonim sa MBAM i ADWCleanerom ali bez uspeha Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018 Ran by Sale (administrator) on SALE-PC (24-03-2018 21:58:52) Running from C:\Users\Sale\Desktop Loaded Profiles: Sale (Available Profiles: Sale) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP) C:\Windows\System32\HPSIsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2623900519-3301226672-1341085607-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd) Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2018-03-07] ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0424FF70-120F-4C97-8D19-C3954930CE44}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{BBDD4AC8-341F-4337-A7AB-5E484CFF931E}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2623900519-3301226672-1341085607-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-2623900519-3301226672-1341085607-1000 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File Toolbar: HKU\S-1-5-21-2623900519-3301226672-1341085607-1000 -> No Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - No File StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227 [2018-03-24] FF user.js: detected! => C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\user.js [2017-06-30] FF Homepage: Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227 -> hxxps://www.google.rs/?gws_rd=ssl FF Extension: (System Table) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\Extensions\622127@modext.tech.xpi [2018-02-27] FF Extension: (Simple Translate) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\Extensions\simple-translate@sienori.xpi [2018-03-19] FF Extension: (Adblock Plus) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-14] FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\features\{8abcd0bb-6e30-4093-b107-e66b9bc3a531}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-21] [Legacy] FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [97824 2017-11-13] (Freemake) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes) R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2017-01-13] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 cryptfd; C:\Windows\System32\drivers\cryptfd.sys [193448 2017-03-03] () S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76200 2018-01-18] () S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] () R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193248 2018-03-23] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [109800 2018-03-24] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45960 2018-03-24] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-23] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [92280 2018-03-24] (Malwarebytes) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [188992 2016-02-10] (Intel Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1087616 2014-09-19] (Vimicro Corporation) S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X] S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-24 21:58 - 2018-03-24 22:00 - 000010452 _____ C:\Users\Sale\Desktop\FRST.txt 2018-03-24 21:58 - 2018-03-24 21:58 - 000000000 ____D C:\FRST 2018-03-24 21:57 - 2018-03-24 21:57 - 002403328 _____ (Farbar) C:\Users\Sale\Desktop\FRST64.exe 2018-03-24 21:48 - 2018-03-24 21:48 - 000045960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-03-24 21:47 - 2018-03-24 21:48 - 000827872 _____ C:\Windows\system32\FNTCACHE.DAT 2018-03-24 21:38 - 2018-03-24 21:45 - 000000000 ____D C:\AdwCleaner 2018-03-24 21:37 - 2018-03-24 21:37 - 008222496 _____ (Malwarebytes) C:\Users\Sale\Desktop\AdwCleaner.exe 2018-03-23 11:53 - 2018-03-24 21:48 - 000109800 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-03-23 11:53 - 2018-03-24 21:48 - 000092280 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-03-23 11:53 - 2018-03-23 11:53 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-03-23 11:53 - 2018-03-23 11:53 - 000193248 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2018-03-23 11:52 - 2018-03-23 11:52 - 000001088 _____ C:\Users\Sale\Desktop\Play Warframe.lnk 2018-03-22 21:42 - 2018-03-22 21:47 - 000000000 ____D C:\Users\Sale\Desktop\New folder 2018-03-20 18:08 - 2018-03-20 18:09 - 000008704 ___SH C:\Users\Sale\Thumbs.db 2018-03-20 17:35 - 2018-03-20 17:35 - 000000000 ____D C:\Users\Public\Documents\Avanquest Software 2018-03-20 17:30 - 2018-03-20 18:02 - 000000000 ____D C:\Users\Sale\AppData\Local\Avanquest 2018-03-20 17:30 - 2018-03-20 17:30 - 000000000 ____D C:\Users\Sale\AppData\Roaming\Avanquest Software 2018-03-20 17:21 - 2018-03-24 15:41 - 000000000 ____D C:\Users\Sale\AppData\Roaming\uTorrent 2018-03-20 17:21 - 2018-03-23 13:24 - 000000000 ____D C:\Program Files (x86)\uTorrent 2018-03-19 19:55 - 2018-03-19 19:55 - 000194352 _____ C:\Users\Sale\Desktop\4827018.0116.8-1za-objavljivanje.pdf 2018-03-19 18:42 - 2018-03-20 18:07 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi 2018-03-19 18:42 - 2018-03-20 18:07 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi 2018-03-19 18:42 - 2018-03-19 18:42 - 000000000 ____D C:\Users\Sale\AppData\Local\LogMeIn 2018-03-19 18:42 - 2017-06-29 12:31 - 000035648 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2018-03-19 18:34 - 2018-03-19 18:34 - 004500393 _____ C:\Users\Sale\Desktop\Virgin queen bee fly to mate with drone_ bees mating_young virgin queen bee mating(000038.101-000104.100)(000004.341-000028.960).mp4 2018-03-19 18:32 - 2018-03-19 18:32 - 007237534 _____ C:\Users\Sale\Desktop\Virgin queen bee fly to mate with drone_ bees mating_young virgin queen bee mating(000010.373-000031.562).mp4 2018-03-19 18:32 - 2018-03-19 18:32 - 004500417 _____ C:\Users\Sale\Desktop\Virgin queen bee fly to mate with drone_ bees mating_young virgin queen bee mating(000038.101-000104.100).mp4 2018-03-19 18:32 - 2018-03-19 18:32 - 002702634 _____ C:\Users\Sale\Desktop\Virgin queen bee fly to mate with drone_ bees mating_young virgin queen bee mating(000121.986-000128.811).mp4 2018-03-19 18:32 - 2018-03-19 18:32 - 002249980 _____ C:\Users\Sale\Desktop\Virgin queen bee fly to mate with drone_ bees mating_young virgin queen bee mating(000107.920-000113.720).mp4 2018-03-19 18:10 - 2018-03-19 18:10 - 000000916 _____ C:\Users\Public\Desktop\Age of Empires II HD Edition.lnk 2018-03-19 18:10 - 2018-03-19 18:10 - 000000000 ____D C:\Windows\SysWOW64\directx 2018-03-19 17:41 - 2018-03-19 17:41 - 000000000 ____D C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2018-03-19 17:22 - 2018-03-19 17:22 - 000000000 ____D C:\Program Files (x86)\ThunderSoft 2018-03-19 15:41 - 2018-03-19 15:41 - 020783772 _____ C:\Users\Sale\Desktop\Virgin queen bee fly to mate with drone_ bees mating_young virgin queen bee mating.mp4 2018-03-18 13:55 - 2018-03-18 13:58 - 000000000 ____D C:\Users\Sale\Desktop\wetransfer-fb7f9c 2018-03-18 13:55 - 2018-03-18 13:57 - 000000000 ____D C:\Users\Sale\Desktop\wetransfer-1b15a8 2018-03-18 13:38 - 2018-03-18 13:42 - 000000000 ____D C:\Users\Sale\Desktop\wetransfer-e981b4 2018-03-14 08:03 - 2018-03-09 04:39 - 005580992 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-03-14 08:03 - 2018-03-09 04:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-03-14 08:03 - 2018-03-09 04:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-03-14 08:03 - 2018-03-09 04:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-03-14 08:03 - 2018-03-09 04:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-03-14 08:03 - 2018-03-09 04:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-03-14 08:03 - 2018-03-09 04:14 - 004044992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-03-14 08:03 - 2018-03-09 04:14 - 004025536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-03-14 08:03 - 2018-03-09 04:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-03-14 08:03 - 2018-03-09 03:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-03-14 08:03 - 2018-03-09 03:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-03-14 08:03 - 2018-03-09 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-03-14 08:03 - 2018-03-09 03:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-03-14 08:03 - 2018-03-09 03:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2018-03-14 08:03 - 2018-03-09 03:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-03-14 08:03 - 2018-03-09 03:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-03-14 08:03 - 2018-03-09 03:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-03-14 08:03 - 2018-03-09 03:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-03-14 08:03 - 2018-03-09 03:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-03-14 08:03 - 2018-03-09 03:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-03-14 08:03 - 2018-03-09 03:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-03-14 08:03 - 2018-03-09 03:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-03-14 08:03 - 2018-03-09 03:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-03-14 08:03 - 2018-03-09 03:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-03-14 08:03 - 2018-03-09 03:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-03-14 08:03 - 2018-03-09 03:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-03-14 08:03 - 2018-03-09 03:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-03-14 08:03 - 2018-03-09 03:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-03-14 08:03 - 2018-03-01 09:36 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-03-14 08:03 - 2018-02-22 04:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-03-14 08:03 - 2018-02-22 04:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-03-14 08:03 - 2018-02-18 22:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-03-14 08:03 - 2018-02-10 19:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS 2018-03-14 08:03 - 2018-02-10 19:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS 2018-03-14 08:03 - 2018-02-10 19:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll 2018-03-14 08:03 - 2018-02-10 19:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys 2018-03-14 08:03 - 2018-02-10 19:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys 2018-03-14 08:03 - 2018-02-10 19:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2018-03-14 08:03 - 2018-02-10 19:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2018-03-14 08:03 - 2018-02-10 19:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll 2018-03-14 08:03 - 2018-02-10 19:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2018-03-14 08:03 - 2018-02-10 19:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2018-03-14 08:03 - 2018-02-10 19:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll 2018-03-14 08:03 - 2018-02-10 19:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll 2018-03-14 08:03 - 2018-02-10 18:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe 2018-03-14 08:03 - 2018-02-10 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe 2018-03-14 08:03 - 2018-02-10 18:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb 2018-03-14 08:03 - 2018-02-10 18:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe 2018-03-14 08:03 - 2018-02-10 18:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe 2018-03-14 08:03 - 2018-02-10 18:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys 2018-03-14 08:03 - 2018-02-10 18:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys 2018-03-14 08:03 - 2018-02-10 18:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb 2018-03-14 08:03 - 2018-02-02 19:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2018-03-14 08:03 - 2018-02-02 19:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2018-03-14 08:03 - 2018-02-02 19:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2018-03-14 08:03 - 2018-02-02 19:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2018-03-14 08:03 - 2018-02-02 19:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2018-03-14 08:03 - 2018-02-02 19:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2018-03-14 08:03 - 2018-02-02 19:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2018-03-14 08:03 - 2018-02-02 19:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2018-03-14 08:03 - 2018-02-02 19:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2018-03-14 08:03 - 2018-02-02 19:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2018-03-14 08:03 - 2018-02-02 18:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2018-03-14 08:03 - 2018-02-02 18:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2018-03-14 08:03 - 2018-01-15 20:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2018-03-14 08:03 - 2018-01-15 20:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2018-03-14 08:03 - 2018-01-12 17:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2018-03-14 08:03 - 2018-01-12 17:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2018-03-14 07:52 - 2018-02-13 19:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-03-14 07:52 - 2018-02-13 19:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-03-14 07:52 - 2018-02-13 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-03-14 07:52 - 2018-02-13 15:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-03-14 07:52 - 2018-02-13 15:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-03-14 07:52 - 2018-02-13 15:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-03-14 07:52 - 2018-02-13 15:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2018-03-14 07:52 - 2018-02-13 15:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-03-14 07:52 - 2018-02-13 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-03-14 07:52 - 2018-02-13 15:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-03-13 20:07 - 2018-03-13 20:07 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-03-12 00:18 - 2018-03-19 18:22 - 000000261 _____ C:\DelFix.txt 2018-03-09 14:12 - 2018-03-09 14:12 - 000000000 ____D C:\Users\Sale\AppData\Local\IsolatedStorage 2018-03-07 13:38 - 2018-03-07 13:39 - 000000000 ____D C:\Program Files (x86)\WinHTTrack 2018-03-06 13:38 - 2018-03-06 13:38 - 000000000 ____D C:\Users\Sale\Documents\paint.net User Files 2018-02-22 23:27 - 2018-03-08 22:33 - 000000000 ____D C:\Program Files (x86)\CDisplay ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-24 21:56 - 2009-07-14 05:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-03-24 21:56 - 2009-07-14 05:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-03-24 21:55 - 2017-01-12 21:30 - 000000000 ____D C:\Users\Sale\Documents\Outlook Files 2018-03-24 21:53 - 2017-01-12 19:18 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job 2018-03-24 21:49 - 2017-01-11 22:13 - 000000000 ____D C:\Users\Sale\AppData\LocalLow\Mozilla 2018-03-24 21:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-03-24 21:27 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-03-24 19:40 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI 2018-03-20 18:08 - 2017-01-11 21:58 - 000000000 ____D C:\Users\Sale 2018-03-20 18:02 - 2017-01-12 18:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-03-20 10:29 - 2017-09-14 10:43 - 000000000 ____D C:\Users\Sale\Documents\LogoDesignStudio Pro 2018-03-19 18:47 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries 2018-03-19 18:25 - 2017-01-12 17:13 - 000000000 ___RD C:\Users\Sale\Desktop\Graficki programi 2018-03-19 18:23 - 2017-01-25 10:15 - 000000000 ____D C:\Users\Sale\Desktop\Slike za logo i projekti 2018-03-19 18:21 - 2017-01-14 22:11 - 000000000 ___RD C:\Users\Sale\Desktop\Internet programi 2018-03-19 18:21 - 2017-01-12 17:13 - 000000000 ___RD C:\Users\Sale\Desktop\Zastita i cistaci 2018-03-19 15:39 - 2017-01-17 10:11 - 000000000 ___RD C:\Users\Sale\Desktop\Operativni programi 2018-03-19 15:16 - 2017-05-06 12:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-03-19 15:16 - 2017-01-11 22:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-03-15 09:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache 2018-03-15 07:00 - 2017-01-12 16:20 - 000000000 ____D C:\Windows\system32\appraiser 2018-03-15 07:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-03-15 06:44 - 2017-01-12 00:11 - 000000000 ____D C:\Windows\system32\MRT 2018-03-15 06:38 - 2017-10-12 11:39 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-03-15 06:38 - 2017-01-12 00:10 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-03-13 20:07 - 2017-01-13 14:11 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-03-13 20:07 - 2017-01-13 14:11 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-03-13 20:07 - 2017-01-13 14:11 - 000000000 ____D C:\Windows\system32\Macromed 2018-03-13 20:07 - 2017-01-13 13:33 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-03-13 20:07 - 2017-01-13 13:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-03-12 10:45 - 2017-01-12 19:06 - 000000000 ____D C:\Users\Sale\AppData\Local\Microsoft Help 2018-03-08 22:27 - 2018-01-30 21:12 - 000000000 ____D C:\Users\Sale\AppData\Local\Sony 2018-03-04 22:25 - 2017-12-25 08:37 - 000000000 ____D C:\Users\Sale\Desktop\za auto 2018-02-27 22:05 - 2018-01-18 16:23 - 000000000 ____D C:\Users\Sale\.openshot_qt 2018-02-27 02:05 - 2017-09-14 18:58 - 000000000 ____D C:\Users\Sale\Desktop\predavanja ==================== Files in the root of some directories ======= 2017-01-12 23:04 - 2018-03-07 11:13 - 022803992 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe 2017-02-27 22:15 - 2017-03-01 08:24 - 000889271 _____ () C:\Users\Sale\AppData\Local\ars.cache 2017-02-27 22:16 - 2017-03-01 12:51 - 013099399 _____ () C:\Users\Sale\AppData\Local\census.cache 2017-11-22 18:29 - 2017-11-22 18:29 - 000003584 _____ () C:\Users\Sale\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-02-27 15:34 - 2017-02-27 15:34 - 000000036 _____ () C:\Users\Sale\AppData\Local\housecall.guid.cache 2017-01-11 22:31 - 2017-12-22 21:35 - 000007667 _____ () C:\Users\Sale\AppData\Local\Resmon.ResmonCfg 2017-02-27 17:25 - 2017-02-27 23:07 - 000000010 _____ () C:\Users\Sale\AppData\Local\sponge.last.runtime.cache ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed C:\Windows\system32\drivers\hamachi.sys -> Access Denied <======= ATTENTION LastRegBack: 2018-03-19 09:33 ==================== End of FRST.txt ============================ https://www.mycity.rs/must-login.png

Profil

Sass Drake Poslao: 25 Mar 2018 11:55 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. `FF user.js: detected! => C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\user.js [2017-06-30] FF Extension: (System Table) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\Extensions\622127@modext.tech.xpi [2018-02-27]` U okviru Notepad-a klikni na File --> Save As Pod Encoding izaberi UTF-8. Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Profil

goust Poslao: 25 Mar 2018 16:56 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018 Ran by Sale (25-03-2018 17:51:28) Run:1 Running from C:\Users\Sale\Desktop Loaded Profiles: Sale (Available Profiles: Sale) Boot Mode: Normal ============================================== fixlist content: *************** FF user.js: detected! => C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\user.js [2017-06-30] FF Extension: (System Table) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\Extensions\622127@modext.tech.xpi [2018-02-27] *************** C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\user.js => moved successfully C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\1yjtmeze.default-1484260374227\Extensions\622127@modext.tech.xpi => moved successfully ==== End of Fixlog 17:51:34 ==== Proverio sam i ne vidim da vise ima tog djubreta.

Profil

Sass Drake Poslao: 25 Mar 2018 20:59 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Potrebno je da spakuješ folder C:\FRST\Quarantine u arhivu i pošalješ nam ga. Uđi u folder C:\FRST Desnim tasterom miša klini na folder Quarantine i izaberi opciju Add to archive... kao na slici Kao Archive format izaberi RAR5 ili RAR Za Compression method odaberi Best U polje Split to volumes, bytes unesi 5000000 (slovima: pet miliona) Na desnoj strani označi opciju Create Solid Archive (pogledaj sliku dole) Klikni na OK Kada WinRAR završi sa kompresovanjem, dobijene fajlove uploaduj (jedan po jedan) na: https://www.mycity.rs/ambulanta-upload.php

Profil

goust Poslao: 25 Mar 2018 21:34 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Bio samo jedan fajl, upravo samga poslao.

Profil

Sass Drake Poslao: 25 Mar 2018 21:47 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

goust Poslao: 25 Mar 2018 21:59 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Veliko HVALA!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Zarazen Firefox

Ko je trenutno na forumu

Ukupno su 479 korisnika na forumu :: 7 registrovanih, 2 sakrivenih i 470 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Alibaba1981, laurusri, Lazarus, mnn2, stegonosa, zlaya011, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by